[ https://issues.apache.org/jira/browse/NIFI-8692?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jul Tomten updated NIFI-8692: ----------------------------- Description: I'd like to have sensitive attributes on the flow files. I need to store attributes z_Password z_JWT_Token http.headers.Authorization (from HandleHttpRquest) and general users shouldn't see these attribute values - instead the values should be masked with asterisk '*'. Only users with superadmin policy or policy.view.sensitive.attribute.<attribute name> policy should be alllowed to view the sensitive attributes. policy.view.sensitive.attribute.in.processgroup.<processgroup> sensitive attributes could be configured per process group and then inherited to sub process groups. Maybe the other way around - all attributes are sensitive by default. Users can only view attributes they have policy for. polic.yview.sensitive.attribute.<regex_attribute name> policy.view.ALL.sensitive.attributes more thinking about this is needed. good ideas are welcome. was: I'd like to have sensitive attributes on the flow files. I need to store attributes z_Password z_JWT_Token http.headers.Authorization (from HandleHttpRquest) and general users shouldn't see these attribute values - instead the values should be masekd with asterisk '*'. Only users with superadmin policy or view.sensitive.attribute.<attribute name> policy should be alllowed to view the sensitive attributes. view.sensitive.attribute.in.processgroup.<processgroup> sensitive attributes could be configured per process group and then inherited to sub process groups. > sensitive attributes > -------------------- > > Key: NIFI-8692 > URL: https://issues.apache.org/jira/browse/NIFI-8692 > Project: Apache NiFi > Issue Type: New Feature > Components: Extensions > Affects Versions: 1.13.2 > Reporter: Jul Tomten > Priority: Major > > I'd like to have sensitive attributes on the flow files. > I need to store attributes > z_Password > z_JWT_Token > http.headers.Authorization (from HandleHttpRquest) > > and general users shouldn't see these attribute values - instead the values > should be masked with asterisk '*'. > Only users with superadmin policy or > policy.view.sensitive.attribute.<attribute name> policy should be alllowed to > view the sensitive attributes. > policy.view.sensitive.attribute.in.processgroup.<processgroup> > sensitive attributes could be configured per process group and then inherited > to sub process groups. > > Maybe the other way around - all attributes are sensitive by default. > Users can only view attributes they have policy for. > polic.yview.sensitive.attribute.<regex_attribute name> > policy.view.ALL.sensitive.attributes > more thinking about this is needed. > good ideas are welcome. -- This message was sent by Atlassian Jira (v8.3.4#803005)